package com.chris.controller;

import com.chris.utils.JwtUtil;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;

@RestController
@Slf4j
public class HomeController {
    @PostMapping("/refreshToken")
    public void refreshToken(HttpServletRequest request){
        String oldRefreshToken = request.getHeader("refreshToken");
        if(JwtUtil.isTokenExpired(oldRefreshToken)){
            log.error("token已过期");
        }
        String username = JwtUtil.getUsernameByToken(oldRefreshToken);
        String token = JwtUtil.createToken(username);
        String refreshToken = JwtUtil.createRefreshToken(token);
        log.info("新的token:{},新的refreshToken：{}",token,refreshToken);
    }
    @PostMapping("/hello")
    //权限控制
    @PreAuthorize("hasRole('ADMIN') or hasAuthority('queryHello')")
    public void hello(){
        log.info("hello");
    }
}
